Author(s): Chahat Monga, Richa

Phishing is a type of network attack in which the attacker creates a web page to fool users, for example a fake login page or fake emails designed to obtain user details. Phishing emails contain messages that ask users to enter their personal information. Phishing scams have been receiving extensive press coverage because such attacks have been escalating in number and sophistication. To protect users from phishing attacks, system designers and security professionals need to understand how users interact with those attacks. This paper gives brief information about phishing, its attacks, and the steps that users can take to safeguard their confidential information. To this end, Anti-Phish tracks the sensitive information of a user and generates warnings whenever the user attempts to give away this information to a web site that is considered untrusted.
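The tracking-and-warning check described in the last sentence can be sketched as follows. This is an added example, not code from the paper or from Anti-Phish. The class and function names, the keyed-digest storage and the exact-hostname trust rule are assumptions made for illustration.

```python
import hashlib
import hmac
import os
from urllib.parse import urlsplit


class SensitiveValueTracker:
    """Hypothetical tracker: keyed digest of each sensitive value -> trusted hosts."""

    def __init__(self, key=None):
        # Per-install secret (assumption) so stored digests are not bare password hashes.
        self._key = key or os.urandom(32)
        self._trusted = {}  # digest -> set of hostnames

    def _digest(self, value):
        return hmac.new(self._key, value.encode("utf-8"), hashlib.sha256).digest()

    @staticmethod
    def _host(url):
        # .hostname drops userinfo and port, so "https://bank.example@evil.test/"
        # resolves to "evil.test", not "bank.example".
        host = urlsplit(url).hostname
        if not host:
            raise ValueError(f"no host in URL: {url!r}")
        return host.lower().rstrip(".")

    def remember(self, value, url):
        """Record that the user chose to trust this site with this value."""
        self._trusted.setdefault(self._digest(value), set()).add(self._host(url))

    def check(self, value, url):
        """Return 'allow' or 'warn' for a value about to be submitted to url."""
        hosts = self._trusted.get(self._digest(value))
        if hosts is None:
            return "allow"  # value is not tracked as sensitive
        return "allow" if self._host(url) in hosts else "warn"


def demo():
    tracker = SensitiveValueTracker()
    secret = "constructed-password-123"  # constructed sample value
    tracker.remember(secret, "https://bank.example/login")
    submissions = [  # constructed sample submissions
        (secret, "https://bank.example:443/login"),        # same host, explicit port
        (secret, "https://bank.example.evil.test/login"),  # lookalike subdomain
        (secret, "https://bank.example@evil.test/login"),  # userinfo trick
        ("search terms", "https://evil.test/q"),           # untracked value
    ]
    return [tracker.check(value, url) for value, url in submissions]
```

Calling `demo()` shows that a tracked value is allowed only on the host it was registered for, while lookalike hosts trigger a warning.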